FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 195661

This article describes how ForitGate use Automation function via webhook to send message to Slack channel, and how to customize information use event log.

Useful link:
Fortinet Documentation:
Webhook action:

1) Create New Automation

2) Give automation stitch name

3) Select Trigger method
4) Select Event
5) Select Action
6) Put Slack Channel Information

7) Generate Admin login failed event
c3po-kvm52 # dia de app autod -1
Debug messages will be on for 30 minutes.

c3po-kvm52 # dia de ena

c3po-kvm52 # auto_generate_generic_curl_request()-302: Generating generic automation CURL request for action (webhook2slack).
auto_generate_generic_curl_request()-350: Generic automation CURL request POST data for action (webhook2slack):
{"text": "This is for user - admin login failed as log reason - passwd_invalid, ui = ssh( log method - ssh from log srcip - , msg - Administrator admin login failed from ssh( because of invalid password"}

auto_generate_generic_curl_request()-400: Generic automation CURL request Host header:
auto_generic_curl_request_close()-476: Generic CURL request response body from
Where is the HTTP body parameter come from?
Some old version such as 6.0.5 may met HTTP 400 error, please upgrade to 6.2.2